当前位置:网站首页>Detect certificate expiration script
Detect certificate expiration script
2020-11-06 21:29:59 【Irving the procedural ape】
Premise
It's always a hindsight , It's always a hindsight . The status quo is that whatever problems arise , Can not carry out early warning and intervention before the customer is unknown . In the morning, I had a chance to communicate with the R & D manager , Write this script , Trying to start with early warning .
From production k8s Cluster get realibox.cn Certificate , In the pre launch environment daemon Case study .
daemon Case study
# pwd/yufa/zhengshu/testlltotal 32-rw-r--r-- 1 root wheel 465B 9 9 09:50 test-ingress.yaml-rw-r--r-- 1 root wheel 711B 9 9 09:47 test.yaml-rw-r--r-- 1 root wheel 3.5K 9 9 09:24 tls.crt-rw-r--r-- 1 root wheel 1.6K 9 9 09:25 tls.key# kubectl -n realibox create secret tls realibox-cn --key ./tls.key --cert ./tls.crt# cat test.yamlapiVersion: v1kind: Servicemetadata: name: tomcat namespace: realiboxspec: selector: app: tomcat release: canary ports: - name: http port: 8080 targetPort: 8080 - name: ajp port: 8009 targetPort: 8009---apiVersion: apps/v1kind: Deploymentmetadata: name: tomcat-deploy namespace: realiboxspec: replicas: 1 selector: matchLabels: app: tomcat release: canary template: metadata: labels: app: tomcat release: canary spec: containers: - name: tomcat image: tomcat:7-alpine ports: - name: httpd containerPort: 8080 - name: ajp containerPort: 8009# cat test-ingress.yamlapiVersion: extensions/v1beta1kind: Ingressmetadata: name: ingress-tomcat-tls namespace: realibox annotations: kubernets.io/ingress.class: "kong"spec: tls: - hosts: - "*.realibox.cn" # And secret The domain name of the certificate needs to be consistent secretName: realibox-cn #secret The name of the certificate rules: - host: zisefeizhu.realibox.cn http: paths: - path: backend: serviceName: tomcat servicePort: 8080
Write a script to detect the expiration of domain name
I don't want to talk much about it
# cat check_daemon.sh#!/bin/bashsource /etc/profile# Define mailing lists maillist=( [email protected]realibox.com #2350835860@qq.com)# Send mail function send_mail(){ SUBJECT="$1 The domain name is about to expire " if [ $2 -ge 0 ];then CONTENT="$1: This domain name is about to expire , There is not enough time left $2 God , Please renew it in time !" for mail in ${maillist[*]};do echo -e "" Currently detected domain name :" $domain\n " Days left : " $days\n ${CONTENT} " | mail -s "${SUBJECT}" $mail done else day=$((-$2)) CONTENT="$1: This domain name has expired , Exceeded $day God , Please renew in time !" for mail in ${maillist[*]};do echo -e "${CONTENT}" | mail -s "${SUBJECT}" $mail done fi}# testing mails Whether the order exists , If not, install mail package is_install_mail(){ which mail &> /dev/null if [ $? -ne 0 ];then yum install -y mail fi}is_install_mail# Define the list of domain names to be detected domainlist=( zisefeizhu.realibox.cn)# Detect domain expiration time and notify for domain in ${domainlist[*]};do echo " Currently detected domain name :" $domain # Remove domain name expiration time end_time=$(echo | timeout 1 openssl s_client -servername $domain -connect $domain:443 2>/dev/null | openssl x509 -noout -enddate 2>/dev/null | awk -F '=' '{print $2}' ) ([ $? -ne 0 ] || [[ $end_time == '' ]]) && exit 10 end_times=`date -d "$end_time" +%s ` tmp=`date -d today +"%Y-%m-%d %T"` current_times=`date -d "$tmp" +"%s"` let left_time=$end_times-$current_times days=`expr $left_time / 86400` echo " Days left : " $days # Convert to timestamp end_times=`date -d "$end_time" +%s ` # Displays the current time in the form of a timestamp tmp=`date -d today +"%Y-%m-%d %T"` current_times=`date -d "$tmp" +"%s"` # The number of days left for domain name expiration let left_time=$end_times-$current_times days=`expr $left_time / 86400` echo " Days left : " $days if .........
版权声明
本文为[Irving the procedural ape]所创,转载请带上原文链接,感谢
边栏推荐
- C++ 数字、string和char*的转换
- C++学习——centos7上部署C++开发环境
- C++学习——一步步学会写Makefile
- C++学习——临时对象的产生与优化
- C++学习——对象的引用的用法
- C++编程经验(6):使用C++风格的类型转换
- Won the CKA + CKS certificate with the highest gold content in kubernetes in 31 days!
- C + + number, string and char * conversion
- C + + Learning -- capacity() and resize() in C + +
- C + + Learning -- about code performance optimization
猜你喜欢
-
C + + programming experience (6): using C + + style type conversion
-
Latest party and government work report ppt - Park ppt
-
在线身份证号码提取生日工具
-
Online ID number extraction birthday tool
-
️野指针?悬空指针?️ 一文带你搞懂!
-
Field pointer? Dangling pointer? This article will help you understand!
-
HCNA Routing&Switching之GVRP
-
GVRP of hcna Routing & Switching
-
Seq2Seq实现闲聊机器人
-
【闲聊机器人】seq2seq模型的原理
随机推荐
- LeetCode 91. 解码方法
- Seq2seq implements chat robot
- [chat robot] principle of seq2seq model
- Leetcode 91. Decoding method
- HCNA Routing&Switching之GVRP
- GVRP of hcna Routing & Switching
- HDU7016 Random Walk 2
- [Code+#1]Yazid 的新生舞会
- CF1548C The Three Little Pigs
- HDU7033 Typing Contest
- HDU7016 Random Walk 2
- [code + 1] Yazid's freshman ball
- CF1548C The Three Little Pigs
- HDU7033 Typing Contest
- Qt Creator 自动补齐变慢的解决
- HALCON 20.11:如何处理标定助手品质问题
- HALCON 20.11:标定助手使用注意事项
- Solution of QT creator's automatic replenishment slowing down
- Halcon 20.11: how to deal with the quality problem of calibration assistant
- Halcon 20.11: precautions for use of calibration assistant
- “十大科学技术问题”揭晓!|青年科学家50²论坛
- "Top ten scientific and technological issues" announced| Young scientists 50 ² forum
- 求反转链表
- Reverse linked list
- js的数据类型
- JS data type
- 记一次文件读写遇到的bug
- Remember the bug encountered in reading and writing a file
- 单例模式
- Singleton mode
- 在这个 N 多编程语言争霸的世界,C++ 究竟还有没有未来?
- In this world of N programming languages, is there a future for C + +?
- es6模板字符
- js Promise
- js 数组方法 回顾
- ES6 template characters
- js Promise
- JS array method review
- 【Golang】️走进 Go 语言️ 第一课 Hello World
- [golang] go into go language lesson 1 Hello World